[ISN] Cyber vandals hit DISA sites

From: InfoSec News (isnat_private)
Date: Tue May 29 2001 - 00:18:31 PDT

  • Next message: William Knowles: "[ISN] Serving in Silence: NSA's Fallen Comrades"

    BY George I. Seffers 
    May 28, 2001 
    In a two-day rampage against U.S. government Web sites, a group of
    cyber vandals dubbed PoizonB0x, attacked two sites maintained by the
    Defense Information Systems Agency, the organization tasked with
    defending military networks.
    The attacks, which included the two Defense Department sites and nine
    U.S. government sites, were conducted May 24 and 25. The group also
    participated in an apparent multi-group attack on California state
    In a terse confirmation of the attack, a DISA spokeswoman replied,
    "Yes, two Defense Enterprise Computing Center publicly accessible Web
    sites were defaced. The group claiming responsibility was PoisonB0x."
    She added that no classified networks were infiltrated and that other
    than the defacements, no harm was done.
    The two DOD Web sites belonged to DECCs in St. Louis and San Diego,
    according to information provided by Attrition.org, a group of
    volunteers who maintain a Web site that many information warriors in
    the military rely on for news and information about hackers. The
    information was confirmed by DISA.
    PoizonB0x defaced nine other government Web sites, including:
    * The chief information officer of the General Services
    * NASAs Advanced General Aviation Transport Experiments. 
    * The Arcata [Calif.] Fish and Wildlife Office. 
    * The U.S. Bankruptcy Court, Eastern District of California. 
    * The U.S. District Court, Northern District of Texas.
    The group also participated in what appeared to be a multi-group
    effort to deface California state government Web sites. Other groups
    said to be involved include Hi-Tech Hate and tty0, according to
    information provided by Attrition.
    In each of the PoizonB0x attacks, the defacements consist of solid
    black backgrounds with large white letters stating that "PoizonB0x Wuz
    In response to e-mailed questions, a PoizonB0x representative said it
    was a "pice of cake," getting into DISA's systems and that they could
    have taken advantage of three or more other vulnerabilities. PoizonB0x
    said that DISA apparently was unaware of the penetration and that no
    harm was done other than the defacements.
    "damage? nope, maybe coz i was a lil drunk and lazy, coz i think i
    could execute some viruses or backdoors there. i could also format all
    hdds and shutdown the system. and u know, i looked through almost all
    papers there and i did find them interesting. and, heh, i had an idea
    to edit some of 'em but i decided to leave the system," the
    representative said.
    ISN is hosted by SecurityFocus.com
    To unsubscribe email isn-unsubscribeat_private

    This archive was generated by hypermail 2b30 : Tue May 29 2001 - 01:38:36 PDT